# Secure adminer setup
# Author Taras Kozlov

# download adminer to separate directory
mkdir -p /var/www/admin
cd /var/www/admin
wget http://www.adminer.org/latest.php -O adminer.php
echo '<?php phpinfo(); >' > info.php

sudo -i

# Generate self-signed certificate
mkdir -p /etc/nginx/ssl
sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/nginx/ssl/admin.key -out /etc/nginx/ssl/admin.crt

# Generate htpasswd
apt-get install apache2-utils
mkdir -p /etc/nginx/.htpasswd
htpasswd -c /etc/nginx/.htpasswd/admin admin

# setup site to this directorty
# example site http://admin.example.com
nano /etc/nginx/sites-available/admin

server {
    listen         80;
    server_name    admin.example.com;
    return         301 https://$server_name$request_uri;
}

server {
    server_name	   admin.example.com;
    listen	       443 ssl;
    access_log     /var/log/nginx/admin.access.log;
    error_log      /var/log/nginx/admin.error.log;

    ssl_certificate /etc/nginx/ssl/admin.crt;
    ssl_certificate_key /etc/nginx/ssl/admin.key;

    root           /var/www/admin;
    index          index.php;

    # Get file here https://codex.wordpress.org/Nginx
    include        global/restrictions.conf;

    auth_basic "Restricted";
    auth_basic_user_file /etc/nginx/.htpasswd/admin;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
    	try_files $uri =404;
    	fastcgi_split_path_info ^(.+\.php)(/.+)$;
    	fastcgi_pass php;
    	fastcgi_index index.php;
    	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    	include fastcgi_params;
    }
}

# enabling this site
cd /etc/nginx/sites-enabled
ln -s ../sites-available/admin admin
service nginx reload